Security News > 2021 > December > Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers

Google on Tuesday said it took steps to disrupt the operations of a sophisticated "Multi-component" botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin's blockchain as a resilience mechanism.

As part of the efforts, Google's Threat Analysis Group said it partnered with the CyberCrime Investigation Group over the past year to terminate around 63 million Google Docs that were observed to have distributed the malware, alongside 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts that were associated with its distribution.

Google TAG said it worked with internet infrastructure providers and hosting providers, such as CloudFlare, to dismantle the malware by taking down servers and placing interstitial warning pages in front of the malicious domains.

Vending credit cards to facilitate fraudulent purchases from Google Ads and other Google services.

"Dont.farm's customers pay the Glupteba Enterprise in exchange for the ability to access a browser that is already logged into a victim's stolen Google account," the company alleged.

"Unfortunately, Glupteba's use of blockchain technology as a resiliency mechanism is notable here and is becoming a more common practice among cyber crime organizations," Google's Royal Hansen and Halimah DeLaine Prado said.

News URL

https://thehackernews.com/2021/12/google-disrupts-blockchain-based.html